- Top 16 Chinese iPhoneys
- 23 things I wish would just go away
- Credit card skimming
- System admin steals almost 20,000 pieces of gear
- Microsoft will float cloud OS this month
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Value of WDS
There continues to be plenty of finger-pointing over who should fix the broken process for patching Windows-based patient-care systems, but some users and vendors are at least trying to deal with the problem directly.
As outlined in a Network World story earlier this month, hospital IT and network professionals say their hands are tied when it comes to patching patient-care systems that increasingly are based on Microsoft software and that are often networked to simplify information sharing. IT professionals say device makers don't want customers fussing with their systems out of fear that the products will not conform to rules laid out by the federal Food and Drug Administration, which says the device makers are exaggerating the extent of FDA rules. While device makers are largely mum on this topic, those that do talk acknowledge they could do more to smooth the process but also say healthcare IT shops need to re-evaluate how they set up their networks.
Steve Wexler, chief biomedical engineer at the Department of Veterans Affairs' Health Administration Division, says the veterans' organization is addressing the problem head-on by crafting a plan to tighten security on the networks of about 150 VA hospitals and that the organization hopes to have it in effect by fall.
"You just can't modify a regulated device," says Wexler, who worked with about a dozen network and security managers at the VA to devise the Department of Veterans Affairs Medical Device Isolation Architecture Guide.
The plan calls for VA hospitals to beef up security on LANs by adding internal firewalls, virtual LANs and remote-access control lists to cordon off Windows-based GE Medical imaging systems and other gear.
The guide acknowledges that routine patching is often "not available in most cases" to medical devices with commercial operating systems such as Windows. Therefore, networked patient-care equipment could be exposed to attacks "that have the potential to destabilize an entire network, shut down hospital operations, corrupt data and jeopardize patient safety."
Wexler says users of networked medical devices should put pressure on manufacturers to do a better job of addressing security concerns.
Rss FeedRss Feed
The Vista era of Windows is here. Yet most organizations will retain Windows XP alongside new Vista...
Vulnerability Management For DummiesDownload this concise book "Vulnerability Management for Dummies," to learn about the simple steps...
Security Considerations When Deploying Remote Access SolutionsEffective network security is most successful when you use a layered approach, with multiple...
The Vista era of Windows is here. Yet most organizations will retain Windows XP alongside new Vista...
Turning information into a Competitive AdvantageCompanies today are realizing that competitive advantage is harder to sustain when based solely on...
PoE Plus: Impact on the PoE MarketThe standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Discover why Unified Threat Management Firewalls are ready for the enterprise today. High...
The Evolution of Network SecurityWe have so many holes punched in our firewalls today that many industry insiders question the value...
The self-managed networkWe aren't there yet, but advances in network and systems management tools are making it possible to...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment